Jump to content

Existing user? Sign In
Sign In

Remember me Not recommended on shared computers

Forgot your password?
Sign Up

Browse
- Forums
- Staff
- Leaderboard
- Guidelines
- Terms of Service
- More
Activity
- All Activity
- Search
- More
Join our Discord!
More
- More

PHP Coding Help

htmlspecialchars versus mysql_real_escape_string

php_guy

By php_guy
February 5, 2011 in PHP Coding Help

Start new topic

Recommended Posts

php_guy

Member

php_guy

Posted February 5, 2011

- Share

Posted February 5, 2011

When sending data via $_POST for example, I've seen the data get filtered with both mysql_real_escape_string or htmlspecialchars

When should you use one or the other?

Link to comment

https://forums.phpfreaks.com/topic/226787-htmlspecialchars-versus-mysql_real_escape_string/

Share on other sites

Pikachu2000

Prolific Member

Pikachu2000

Posted February 5, 2011

- Share

Posted February 5, 2011

It really depends what you intend to do with the data. If it will be inserted into a MySQL database, then mysql_real_escape_string, if it's being redisplayed, then htmlspecialchars or htmlentities and/or strip_tags.

Link to comment

https://forums.phpfreaks.com/topic/226787-htmlspecialchars-versus-mysql_real_escape_string/#findComment-1170256

Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

×

Browse
- Back
- Forums
- Staff
- Leaderboard
- Guidelines
- Terms of Service
Activity
- Back
- All Activity
- Search
Join our Discord!

×

Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.